This invention relates generally to a method and system for facilitating the identification, investigation, assessment and management of legal, regulatory, financial and reputational risks (“Risks”). In particular, the present invention relates to a computerized system and method for banks and non-bank financial institution to comply with “know your customer” requirements associated with a correspondent bank.
As money-laundering and related concerns have become increasingly important public policy concerns, regulators have attempted to address these issues by imposing increasing formal and informal obligations upon financial institutions. Government regulations authorize a broad regime of record-keeping and regulatory reporting obligations on covered financial institutions as a tool for the federal government to use to fight drug trafficking, money laundering, and other crimes. The regulations may require financial institutions to file currency and monetary instrument reports and to maintain certain records for possible use in tax, criminal and regulatory proceedings. Such a body of regulation is designed chiefly to assist law enforcement authorities in detecting when criminals are using banks and other financial institution as an intermediary for, or to hide the transfer of funds derived from criminal activity.
Amongst other obligations, sections 313 and 319(b) of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 prohibit certain financial institutions from providing correspondent accounts to a foreign Shell Bank and requires financial institutions to take reasonable steps to ensure that a correspondent account provided to a foreign bank is not being used to indirectly provide banking services to foreign Shell Banks. In addition, section 319(b) of the USA PATRIOT Act adds a new subsection (k) to 31 U.S.C. 5318 which requires certain financial institutions that provide correspondent accounts to a foreign bank to maintain records of the foreign bank's owners and agent in the United States designated to accept service of legal process.
The USA PATRIOT Act, provides that a covered financial institution shall not establish, maintain, administer, or manage a correspondent account in the United States for, or on behalf of, a foreign bank that does not have a physical presence in any country (Shell Bank). In addition, the USA PATRIOT Act requires a covered financial institution to take reasonable steps to ensure that any correspondent account established, maintained, administered, or managed by the covered financial institution in the United States for a foreign bank is not being used by that foreign bank to indirectly provide banking services to a foreign Shell Bank that is not a regulated affiliate. Current regulations can require that a certification be established and maintained on a two year cycle.
Bank and non-bank financial institutions, including: an investment bank; a merchant bank; a securities firm, any insured bank (as defined in section 3(h) of the Federal Deposit Insurance Act (12 U.S.C. 1813(h)); a commercial bank or trust company; a private banker; a credit union; a thrift institution; broker dealers securities and commodities trading firms; asset management companies, hedge funds, mutual funds, credit rating funds, securities exchanges and bourses, institutional and individual investors, law firms, accounting firms, auditing firms, or any institution the business of which is engaging in financial activities as described in section 4(k) of the Bank Holding Act of 1956; may be subject to legal and regulatory obligations associated with the USA PATRIOT Act, hereinafter collectively referred to as “Financial Institution.” Financial Institutions typically have few resources available to them to assist in establishing and maintaining necessary records.
Establishing and maintaining certifications required under the USA PATRIOT ACT can be onerous to both a Financial Institution and to a foreign counterpart seeking to provide required information. Uncertainty can surround what the certification requirements are and how to properly fulfill them. Directions given by the U.S. Treasury Department estimate that a qualified person may take approximately twenty hours to properly generate a certification. This amount of work may need to be duplicated for each request from each respondent bank. In addition, there exists an increased likelihood of confusion, redundancy, inaccuracy and contradiction if different entities acting on behalf of a single correspondent bank provide certification to multiple respondent institutions.
What is needed is a method and system to coordinate and administer the certification process. Compiled certification information should be situated in a known resource from which it can be conveyed to a compliance department or government entity and also be able to demonstrate to regulators that a Financial Institution has met standards relating to risk containment.